Policies aren’t sexy. Let’s be honest, they can be downright boring. But you cannot have a mature and robust security program without good ones in place. This session, given by interactive and engaging
speakers, talks about policies, what one’s are necessary for security, what goes into them, how to enforce them, how to keep them up to date, and how to influence awareness. Here, we will attempt to do the impossible: make policies exciting. This session isn’t for general audiences just getting into security, but for seasoned practitioners that are having problems because their organization’s security
policies are ineffective, insufficient, or incompetent. It will be an advanced discussion on the topic of security policies and how to ensure your organization has policies that are enforced and effective
and that you have the required governance behind the security policies. Love them or hate them, Security Policies are a necessary evil for every organization. Come here to hear how to do them right.
- Writing effective, enforcable, and realistic policies.
- Establishing sound policies, standards, and guidelines as part of ITRC.
- Facilitiating policy awareness throughout an enterprise, so everyone understands.
- Collaborating across the organization in negotinating effective policies.
About Ronald Woerner

Ron Woerner, CISSP, CISM has over 25 years of IT and Security experience and is a noted educator, consultant, speaker, and writer in the Security industry. As President and Chief Trusted Advisor at RWX Security Solutions, he works as an IT Security Consultant performing security audit and risk assessments for small, medium, and large organizations. Ron established the Cybersecurity Studies program at Bellevue University, an NSA Center of Academic Excellence where he still teaches. He has been a featured speaker at the (ISC)2, ISACA, TEDx, and RSA conferences. Ron was the Air Force Association CyberPatriot Mentor of the Year in 2014. Ron loves to talk to others who are passionate about Security and Privacy.